LAM - Readme ============ A set of PHP-scripts to administrate Unix and Samba accounts in a LDAP server. LAM runs on any webserver with PHP4 support and connects to your LDAP server unencrypted or via SSL. The application manages accounts for users, groups and Samba hosts in multiple organizational units. LAM supports the Samba 2.x schema and the Samba 3 schema. http://sourceforge.net/projects/lam/ Copyright (C) 2003 Michael Duergner Roland Gruber Tilo Lutz Leonhard Walchshäusl This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Requirements: PHP4 Openldap (2.0 or greater) A web-browser that supports CSS (Netscape 4.x is not recommended) Summary: With LAM you can easily manage user, group and machine accounts stored in a LDAP server over a web interface. At the moment it supports: - displaying the user/group/host/domain entries - deleting entries - adding new entries - editing entries - filtering and sorting - account profiles - access management - multiple configuration profiles - OU Editor - User creation via file upload - Samba 2 and 3 schema support Important: The standard password to edit the configuration options is "lam". Download: You can get the newest version at http://sourceforge.net/projects/lam/ Installation: Please see the INSTALL file. Known Bugs: - If you fill in the Unix workstations field the LDAP add/modify operation may fail. This is because the host attribute is provided only by objectClass account which conflicts with inetOrgPerson. If you want to use host restrictions, add the host attribute to inetOrgPerson in your schema file. Documentation: Basic documentation available in /docs Internationalization: If you want to use a translated version of LAM be sure to install the needed locales. See locale/ for a list of supported locales. Debian users can add locales with "dpkg-reconfigure locales". Security: It is strongly recommended to use a SSL connection to your web server. LAM needs to store your LDAP username + password in the session. The session files are saved in sess/ and are accessible only by the web server. To increase security username and password are encrypted with AES (256 bit). The key and iv are generated at random when you log in. They are stored in two cookies. Have fun! The LAM devel team